Share real and effective CompTIA CASP CAS-003 exam dumps for free. 13 Online CAS-003 Exam Practice test questions and answers, online CAS-003 pdf download, easy to learn! Get the full CAS-003 Dumps: https://www.leads4pass.com/cas-003.html (Total Questions: 544 Q&A) to make it easy to pass the exam!
CASP+ is the only hands-on, performance-based certification for practitioners – not managers – at the advanced skill level of cybersecurity. While cybersecurity managers help identify what cybersecurity policies and frameworks could be implemented, CASP+ certified professionals figure out how to implement solutions within those policies and frameworks.
[PDF] Free CompTIA CASP CAS-003 pdf dumps download from Google Drive: https://drive.google.com/open?id=1QZw_MPIYiI6w1CWtMK7AYYZcaO4XT6KY
[PDF] Free Full CompTIA pdf dumps download from Google Drive: https://drive.google.com/open?id=1cFeWWpiWzsSWZqeuRVlu9NtAcFT4WsiG
(CASP+) Advanced Security Practitioner Certification | CompTIA IT Certifications: https://certification.comptia.org/certifications/comptia-advanced-security-practitioner
Latest effective CompTIA CASP CAS-003 Exam Practice Tests
QUESTION 1
A critical system audit shows that the payroll system is not meeting security policy due to missing OS security patches.
Upon further review, it appears that the system is not being patched at all. The vendor states that the system is only
supported on the current OS patch level. Which of the following compensating controls should be used to mitigate the
vulnerability of missing OS patches on this system?
A. Isolate the system on a secure network to limit its contact with other systems
B. Implement an application layer firewall to protect the payroll system interface
C. Monitor the system's security log for unauthorized access to the payroll application
D. Perform reconciliation of all payroll transactions on a daily basis
Correct Answer: A
The payroll system is not meeting security policy due to missing OS security patches. We cannot apply the patches to
the system because the vendor states that the system is only supported on the current OS patch level. Therefore, we
need another way of securing the system.
We can improve the security of the system and the other systems on the network by isolating the payroll system on a
secure network to limit its contact with other systems. This will reduce the likelihood of a malicious user accessing the
payroll system and limit any damage to other systems if the payroll system is attacked.
QUESTION 2
A security architect is designing a new infrastructure using both type 1 and type 2 virtual machines. In addition to the
normal complement of security controls (e.g. antivirus, host hardening, HIPS/NIDS) the security architect needs to
implement a mechanism to securely store cryptographic keys used to sign code and code modules on the VMs. Which
of the following will meet this goal without requiring any hardware pass-through implementations?
A. vTPM
B. HSM
C. TPM
D. INE
Correct Answer: A
A Trusted Platform Module (TPM) is a microchip designed to provide basic security-related functions, primarily involving
encryption keys. The TPM is usually installed on the motherboard of a computer, and it communicates with the
remainder of the system by using a hardware bus.
A vTPM is a virtual Trusted Platform Module.
IBM extended the current TPM V1.2 command set with virtual TPM management commands that allow us to create and
delete instances of TPMs. Each created instance of a TPM holds an association with a virtual machine (VM) throughout
its lifetime on the platform.
QUESTION 3
A security administrator has been asked to select a cryptographic algorithm to meet the criteria of a new application.
The application utilizes streaming video that can be viewed both on computers and mobile devices. The application
designers have asked that the algorithm support the transport encryption with the lowest possible performance
overhead. Which of the following recommendations would BEST meet the needs of the application designers? (Select
TWO).
A. Use AES in Electronic Codebook mode
B. Use RC4 in Cipher Block Chaining mode
C. Use RC4 with Fixed IV generation
D. Use AES with cipher text padding
E. Use RC4 with a nonce generated IV
F. Use AES in Counter mode
Correct Answer: EF
In cryptography, an initialization vector (IV) is a fixed-size input to a cryptographic primitive that is typically required to be
random or pseudorandom. Randomization is crucial for encryption schemes to achieve semantic security, a property
whereby repeated usage of the scheme under the same key does not allow an attacker to infer relationships between
segments of the encrypted message.
Some cryptographic primitives require the IV only to be non-repeating, and the required randomness is derived
internally. In this case, the IV is commonly called a nonce (number used once), and the primitives are described as
stateful as opposed to randomized. This is because the IV need not be explicitly forwarded to a recipient but may be
derived from a common state updated at both sender and receiver side. An example of stateful encryption schemes is
the counter mode of operation, which uses a sequence number as a nonce.
AES is a block cipher. Counter mode turns a block cipher into a stream cipher. It generates the next keystream block by
encrypting successive values of a “counter”. The counter can be any function which produces a sequence which is
guaranteed not to repeat for a long time, although an actual increment-by-one counter is the simplest and most popular.
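As an added illustration (not part of the original question bank), the following Python shows why options E and F belong together: CTR mode derives its keystream by encrypting nonce||counter blocks, needs no padding for a video stream of arbitrary length, and stays secure only while the nonce is never reused under the same key, which is exactly what a "fixed IV" (option C) violates. The block uses an HMAC-SHA256-based keyed function as a stand-in for AES block encryption, an assumption made so the example runs with the standard library alone; since CTR mode only ever uses the forward direction of the block cipher, the structure of the mode is unchanged.

```python
import hashlib
import hmac
import os

BLOCK_SIZE = 16   # AES block size in bytes; each counter block yields 16 keystream bytes
NONCE_SIZE = 8    # 8-byte nonce || 8-byte big-endian block counter fills one block


def block_encrypt(key: bytes, block: bytes) -> bytes:
    """Stand-in for AES-128 block encryption (assumption: CTR mode only needs the
    forward direction of a keyed pseudorandom function, so HMAC-SHA256 truncated
    to one block is adequate for demonstrating the mode)."""
    return hmac.new(key, block, hashlib.sha256).digest()[:BLOCK_SIZE]


def counter_block(nonce: bytes, counter: int) -> bytes:
    """The per-block input: nonce followed by the block index, never repeating
    within a message and, given a fresh nonce, never repeating across messages."""
    if len(nonce) != NONCE_SIZE:
        raise ValueError("nonce must be %d bytes" % NONCE_SIZE)
    return nonce + counter.to_bytes(BLOCK_SIZE - NONCE_SIZE, "big")


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Encrypt successive counter blocks until enough keystream exists; the tail
    of the last block is discarded, which is why CTR needs no padding."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += block_encrypt(key, counter_block(nonce, counter))
        counter += 1
    return bytes(out[:length])


def xor_bytes(a: bytes, b: bytes) -> bytes:
    if len(a) != len(b):
        raise ValueError("inputs must have equal length")
    return bytes(x ^ y for x, y in zip(a, b))


def ctr_encrypt(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Stream-cipher style: ciphertext = plaintext XOR keystream, any length."""
    return xor_bytes(data, keystream(key, nonce, len(data)))


ctr_decrypt = ctr_encrypt   # XOR with the same keystream undoes the encryption


def new_nonce() -> bytes:
    """Option E in the question: a freshly generated, non-repeating IV per message."""
    return os.urandom(NONCE_SIZE)


def keystream_reuse_leaks(key: bytes, nonce1: bytes, p1: bytes,
                          nonce2: bytes, p2: bytes) -> bool:
    """True when c1 XOR c2 equals p1 XOR p2, i.e. both messages were encrypted
    under the same keystream. A fixed IV (option C) makes this true for every
    pair of messages; a fresh nonce per message makes it false."""
    c1 = ctr_encrypt(key, nonce1, p1)
    c2 = ctr_encrypt(key, nonce2, p2)
    return xor_bytes(c1, c2) == xor_bytes(p1, p2)


if __name__ == "__main__":
    key = os.urandom(16)
    frame_a, frame_b = b"video frame A", b"video frame B"
    print("fresh nonces leak plaintext relation:",
          keystream_reuse_leaks(key, new_nonce(), frame_a, new_nonce(), frame_b))
    fixed = b"\x00" * NONCE_SIZE
    print("fixed IV leaks plaintext relation:  ",
          keystream_reuse_leaks(key, fixed, frame_a, fixed, frame_b))
```

The round trip works on any length without padding (the 37-byte message below is not a block multiple), and the last function makes the "fixed IV" failure concrete: with the IV held constant the two ciphertexts differ only where the plaintexts differ, which is why option C is wrong even though RC4 and AES-CTR are both stream ciphers with low overhead.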
QUESTION 4
The latest independent research shows that cyber attacks involving SCADA systems grew an average of 15% per year
in each of the last four years, but that this year's growth has slowed to around 7%. Over the same time period, the
number of attacks against applications has decreased or stayed flat each year. At the start of the measure period, the
incidence of PC boot loader or BIOS based attacks was negligible. Starting two years ago, the growth in the number of
PC boot loader attacks has grown exponentially. Analysis of these trends would seem to suggest which of the following
strategies should be employed?
A. Spending on SCADA protections should stay steady; application control spending should increase substantially and
spending on PC boot loader controls should increase substantially.
B. Spending on SCADA security controls should stay steady; application control spending should decrease slightly and
spending on PC boot loader protections should increase substantially.
C. Spending all controls should increase by 15% to start; spending on application controls should be suspended, and
PC boot loader protection research should increase by 100%.
D. Spending on SCADA security controls should increase by 15%; application control spending should increase slightly,
and spending on PC boot loader protections should remain steady.
Correct Answer: B
Spending on SCADA security controls should stay steady because those attacks are still ongoing, albeit at a reduced rate.
Because the incidence of BIOS-based attacks is growing exponentially while application attacks are decreasing or staying
flat, spending on PC boot loader protections should increase substantially.
QUESTION 5
A network engineer wants to deploy user-based authentication across the company's wired and wireless infrastructure
at layer 2 of the OSI model. Company policies require that users be centrally managed and authenticated and that each
user's network access be controlled based on the user's role within the company. Additionally, the central
authentication system must support hierarchical trust and the ability to natively authenticate mobile devices and
workstations. Which of the following are needed to implement these requirements? (Select TWO).
A. SAML
B. WAYF
C. LDAP
D. RADIUS
E. Shibboleth
F. PKI
Correct Answer: CD
RADIUS is commonly used for the authentication of Wi-Fi connections. We can use LDAP and RADIUS together for the
authentication of users and devices.
LDAP and RADIUS have something in common: they are both primarily protocols (rather than databases) that use
attributes to carry information back and forth. Both are clearly defined in RFC documents, so you can expect products
from different vendors to interoperate properly.
RADIUS is NOT a database. It's a protocol for asking intelligent questions of a user database. LDAP is just a
database. Recent offerings contain a bit of intelligence (such as roles, class of service and so on), but it is still mainly
just a simple database. RADIUS (more precisely, RADIUS servers such as FreeRADIUS) gives the administrator the tools
not only to perform user authentication but also to authorize users based on arbitrarily complex checks and logic. For
instance, you can allow access on a specific NAS only if the user belongs to a certain category, is a member of a specific
group, and an external script allows access. There's no way to perform such complex decisions in a user
database alone.
QUESTION 6
The government is concerned with remote military missions being negatively being impacted by the use of technology
that may fail to protect operational security. To remediate this concern, a number of solutions have been implemented,
including the following:
End-to-end encryption of all inbound and outbound communication, including personal email and chat sessions that
allow soldiers to securely communicate with families.
Layer 7 inspection and TCP/UDP port restriction, including firewall rules to only allow TCP port 80 and 443 and
approved applications
A host-based whitelist of approved websites and applications that only allow mission-related tools and sites
The use of satellite communication to include multiple proxy servers to scramble the source IP address
Which of the following is of MOST concern in this scenario?
A. Malicious actors intercepting inbound and outbound communication to determine the scope of the mission
B. Family members posting geotagged images on social media that were received via email from soldiers
C. The effect of communication latency that may negatively impact real-time communication with mission control
D. The use of centrally managed military network and computers by soldiers when communicating with external parties
Correct Answer: A
QUESTION 7
An administrator believes that the web servers are being flooded with excessive traffic from time to time. The
administrator suspects that these traffic floods correspond to when a competitor makes major announcements. Which of
the following should the administrator do to prove this theory?
A. Implement data analytics to try and correlate the occurrence times.
B. Implement a honey pot to capture traffic during the next attack.
C. Configure the servers for high availability to handle the additional bandwidth.
D. Log all traffic coming from the competitor's public IP addresses.
Correct Answer: A
There is a time aspect to the traffic flood and if you correlate the data analytics with the times that the incidents
happened, you will be able to prove the theory.
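An added example, not from the original page, of the data analytics the answer calls for. It builds a constructed week of hourly request counts in a simple "timestamp count" aggregate-log format plus a constructed list of announcement times, flags flood hours with a median/MAD-based score (so the floods themselves do not inflate the baseline the way mean and standard deviation would), and reports how many floods follow an announcement compared with the hit rate chance alone would give. The log format, the timestamps, the two-hour window and the 3.5 threshold are all assumptions.

```python
from datetime import datetime, timedelta
from statistics import median

HOUR = timedelta(hours=1)
START = datetime(2024, 3, 4)          # constructed: one week of hourly buckets
HOURS = 7 * 24

# Constructed: times at which the competitor made major announcements
ANNOUNCEMENTS = [datetime(2024, 3, 5, 14), datetime(2024, 3, 7, 9)]


def constructed_hourly_log() -> list:
    """Constructed aggregated web-server log: one line per hour, 'ISO-timestamp requests'.
    Two floods land one hour after an announcement; a third flood is unrelated."""
    lines = []
    for h in range(HOURS):
        ts = START + h * HOUR
        count = 100 + (h * 7) % 13                       # quiet baseline, 100..112 req/h
        if ts in (ANNOUNCEMENTS[0] + HOUR, ANNOUNCEMENTS[1] + HOUR):
            count = 900
        if ts == datetime(2024, 3, 9, 3):
            count = 700
        lines.append(f"{ts.isoformat()} {count}")
    return lines


def parse_hourly_line(line: str):
    ts, count = line.split()
    return datetime.fromisoformat(ts), int(count)


def find_spikes(rows: list, threshold: float = 3.5) -> list:
    """Flag hours whose modified z-score, 0.6745 * (x - median) / MAD, exceeds the
    threshold. Median and MAD are robust to the very outliers being looked for."""
    counts = [c for _, c in rows]
    med = median(counts)
    mad = median(abs(c - med) for c in counts)
    if mad == 0:                                          # perfectly flat baseline
        return [(ts, c) for ts, c in rows if c > med]
    return [(ts, c) for ts, c in rows if 0.6745 * (c - med) / mad > threshold]


def correlate(spikes: list, announcements: list, window_hours: int = 2) -> list:
    """Pair each spike with an announcement that precedes it by at most window_hours."""
    paired = []
    for ts, c in spikes:
        hit = next((a for a in announcements
                    if timedelta(0) <= ts - a <= window_hours * HOUR), None)
        paired.append((ts, c, hit))
    return paired


def summarize(rows: list, announcements: list, window_hours: int = 2) -> dict:
    """Observed fraction of floods that follow an announcement, next to the fraction
    of all hours inside some announcement window (what random floods would hit)."""
    spikes = find_spikes(rows)
    paired = correlate(spikes, announcements, window_hours)
    hits = sum(1 for _, _, a in paired if a is not None)
    hours_in_windows = len(announcements) * (window_hours + 1)
    return {
        "spikes": len(spikes),
        "spikes_after_announcement": hits,
        "observed_hit_rate": hits / len(spikes) if spikes else 0.0,
        "chance_hit_rate": hours_in_windows / len(rows),
    }


if __name__ == "__main__":
    rows = [parse_hourly_line(line) for line in constructed_hourly_log()]
    for ts, c, a in correlate(find_spikes(rows), ANNOUNCEMENTS):
        print(ts, c, "after announcement at", a)
    print(summarize(rows, ANNOUNCEMENTS))
```

On the constructed data two of the three floods fall within the window after an announcement, an observed hit rate of about 67% against a chance rate under 4%, which is the kind of contrast that supports (or, with a different dataset, refutes) the administrator's theory; the honeypot, HA and per-IP logging options in the question produce no such comparison.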
QUESTION 8
ABC Company must achieve compliance for PCI and SOX. Which of the following would BEST allow the organization to
achieve compliance and ensure security? (Select THREE).
A. Establish a list of users that must work with each regulation
B. Establish a list of devices that must meet each regulation
C. Centralize management of all devices on the network
D. Compartmentalize the network
E. Establish a company framework
F. Apply technical controls to meet compliance with the regulation
Correct Answer: BDF
Payment card industry (PCI) compliance is adherence to a set of specific security standards that were developed to
protect card information during and after a financial transaction. PCI compliance is required by all card brands. There
are six main requirements for PCI compliance. The vendor must:
Build and maintain a secure network
Protect cardholder data
Maintain a vulnerability management program
Implement strong access control measures
Regularly monitor and test networks
Maintain an information security policy
To achieve PCI and SOX compliance you should:
Establish a list of devices that must meet each regulation. List all the devices that contain the sensitive data.
Compartmentalize the network. Compartmentalize the devices that contain the sensitive data to form a security boundary.
Apply technical controls to meet compliance with the regulation. Secure the data as required.
QUESTION 9
An administrator implements a new PHP application into an existing website and discovers the newly added PHP pages
do not work. The rest of the site also uses PHP and is functioning correctly. The administrator tested the new
application on their personal workstation thoroughly before uploading to the server and did not run into any errors.
Checking the Apache configuration file, the administrator verifies that the new virtual directory is added as listed:
DocumentRoot "/var/www"
AllowOverride None
Order allow,deny
Allow from all
Which of the following is MOST likely occurring so that this application does not run properly?
A. PHP is overriding the Apache security settings.
B. SELinux is preventing HTTP access to home directories.
C. PHP has not been restarted since the additions were added.
D. The directory had an explicit allow statement rather than the implicit deny.
Correct Answer: B
QUESTION 10
An internal employee has sold a copy of the production customer database that was being used for upgrade testing to
outside parties via HTTP file upload. The Chief Information Officer (CIO) has resigned and the Chief Executive Officer
(CEO) has tasked the incoming CIO with putting effective controls in place to help prevent this from occurring again in
the future. Which of the following controls is the MOST effective in preventing this threat from re-occurring?
A. Network-based intrusion prevention system
B. Data loss prevention
C. Host-based intrusion detection system
D. Web application firewall
Correct Answer: B
QUESTION 11
The security engineer receives an incident ticket from the helpdesk stating that DNS lookup requests are no longer
working from the office. The network team has ensured that Layer 2 and Layer 3 connectivity are working. Which of the
following tools would a security engineer use to make sure the DNS server is listening on port 53?
A. PING
B. NESSUS
C. NSLOOKUP
D. NMAP
Correct Answer: D
NMAP works as a port scanner and is used to check if the DNS server is listening on port 53.
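An added example, not from the original page, that performs the same port-53 check in Python: a TCP connect to the port plus a real UDP DNS query, since most resolution happens over UDP and an open port that never answers a query is a different finding from one that does. The stub responder is a constructed stand-in for a listening DNS server so the block runs offline; the query name, the transaction id and the timeouts are assumptions.

```python
import socket
import struct
import threading


def build_query(qname: str, txid: int) -> bytes:
    """Minimal DNS query: 12-byte header (RD set, one question), QNAME labels,
    QTYPE A (1), QCLASS IN (1)."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = b"".join(bytes([len(part)]) + part.encode("ascii")
                      for part in qname.rstrip(".").split("."))
    return header + labels + b"\x00" + struct.pack("!HH", 1, 1)


def is_dns_response(packet: bytes, txid: int) -> bool:
    """A genuine reply echoes our transaction id and has the QR (response) bit set."""
    if len(packet) < 12:
        return False
    rid, flags = struct.unpack("!HH", packet[:4])
    return rid == txid and bool(flags & 0x8000)


def check_dns_listener(host: str, port: int = 53, timeout: float = 2.0) -> dict:
    """Is anything listening on the DNS port? TCP connect for TCP/53, then a UDP
    query for UDP/53; a timeout or ICMP port-unreachable both count as no reply."""
    result = {"tcp_connect": False, "udp_dns_reply": False}
    try:
        with socket.create_connection((host, port), timeout=timeout):
            result["tcp_connect"] = True
    except OSError:
        pass
    txid = 0x2A2A
    query = build_query("example.com", txid)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as udp:
        udp.settimeout(timeout)
        try:
            udp.sendto(query, (host, port))
            data, _ = udp.recvfrom(512)
            result["udp_dns_reply"] = is_dns_response(data, txid)
        except OSError:
            pass
    return result


def start_stub_dns_responder() -> int:
    """Constructed stand-in for a DNS server, so the check can run offline: answers
    one query on an ephemeral UDP port with the same id, QR|RD|RA set, no records."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.bind(("127.0.0.1", 0))
    port = sock.getsockname()[1]

    def serve_once():
        data, peer = sock.recvfrom(512)
        reply = data[:2] + struct.pack("!H", 0x8180) + data[4:]
        sock.sendto(reply, peer)
        sock.close()

    threading.Thread(target=serve_once, daemon=True).start()
    return port


if __name__ == "__main__":
    import sys
    if len(sys.argv) > 1:                      # python3 dns_check.py <dns-server-ip>
        print(check_dns_listener(sys.argv[1]))
    else:                                      # offline demo against the stub
        print(check_dns_listener("127.0.0.1", start_stub_dns_responder()))
```

The equivalent check with the tool the exam names is `nmap -sU -sT -p 53 <dns-server>` (the UDP scan needs raw-socket privileges); the Python version adds an actual query so that "port open but not answering DNS" is distinguishable from "DNS server responding", which is the next question the engineer will ask once Layer 2 and Layer 3 have been ruled out.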
QUESTION 12
A security administrator wants to perform an audit of the company password file to ensure users are not using personal
information such as addresses and birthdays as part of their password. The company employs 200,000 users, has
virtualized environments with cluster and cloud-based computing resources, and enforces a minimum password length
of 14 characters. Which of the following options is BEST suited to run the password auditing software and produce a
report in the SHORTEST amount of time?
A. The system administrator should take advantage of the company's cluster-based computing resources, upload the
password file to the cluster, and run the password cracker on that platform.
B. The system administrator should upload the password file to a virtualized de-duplicated storage system to reduce the
password entries and run a password cracker on that file.
C. The system administrator should build a virtual machine on the administrator's desktop, transfer the password file to
it, and run a password cracker on the virtual machine.
D. The system administrator should upload the password file to cloud storage and use on-demand provisioning to build
a purpose-based virtual machine to run a password cracker on all the users.
Correct Answer: A
QUESTION 13
A security engineer has implemented an internal user access review tool so service teams can baseline user accounts
and group memberships. The tool is functional and popular among its initial set of onboarded teams. However, the tool
has not been built to cater to a broader set of internal teams yet. The engineer has sought feedback from internal
stakeholders, and a list of summarized requirements is as follows:
The tool needs to be responsive so service teams can query it, and then perform an automated response action.
The tool needs to be resilient to outages so service teams can perform the user access review at any point in time and
meet their own SLAs.
The tool will become the system-of-record for approval, reapproval, and removal life cycles of group memberships and
must allow for data retrieval after failure.
Which of the following need specific attention to meet the requirements listed above? (Choose three.)
A. Scalability
B. Latency
C. Availability
D. Usability
E. Recoverability
F. Maintainability
Correct Answer: BCE
CASP+ covers the technical knowledge and skills required to conceptualize, engineer, integrate and implement secure solutions across complex environments to support a resilient enterprise.